18 Sep 5 Ways Hackers Steal Passwords and How to Protect Yourself
How safe are you on the internet?
Most people using the internet for important activities expect their passwords to keep hackers at bay. However, hackers have come up with several ways to steal passwords. Some are sophisticated and others are simple. However, there are solutions to each and every one of them.
Your password can still keep you safe if you know how to anticipate and counter-attacks. Here are five ways hackers steal passwords as well as solutions to each one.
Phishing is a common technique for stealing passwords. It involves hackers impersonating your email contacts.
Consider a scenario whereby a hacker wants the password to your PayPal account. The hacker will begin by creating an email address that looks just like the ones that you receive from PayPal. The email will alert you to a fake emergency and provide a link for you to log in. The link will redirect you to a counterfeit PayPal website and the hacker will have your password as soon as you type it in.
Solution: The best way to protect yourself against phishing is to avoid following links from suspicious emails. If you have to log into your accounts then do it directly through your browser.
- Malware Attacks
Malware attacks are designed to install spyware programs such as keyloggers and screen scrapers. These programs then keep track of all your activities on your phone and computer. For instance, they record all your keystrokes and take screenshots of your screen activities. This enables hackers to monitor your activities and get access to sensitive data such as passwords.
Solution: The best way to avoid malware attacks is to install premium anti-virus software that will detect and neutralize these viruses. You should also avoid downloading files from suspicious emails and websites.
- Dictionary Attacks
Dictionary attacks are simple. They are also common and highly successful. This technique involves entering each work in a dictionary into the account the hacker has targeted and hoped that one of those words matches the password. It may sound cumbersome but hackers have programs that can try out every word in the dictionary in minutes.
Solution: The best solution against a dictionary attack is to be creative with your passwords – use complex words and include numerals as well as upper and lower case letters. You can also simply combine two unrelated words.
- Brute Force Attacks
When dictionary attacks fail hackers turn to brute force attacks. A brute force attack is meant to detect and identify complex words or combinations of words and numerals. A hacker using brute force attach software has alpha-numeric passwords combinations ranging from aaa1 to zzz10. Hackers use powerful computers with advanced GPU and video cards to expedite brute force attacks. They have also been adopting computing models such as those in use by cryptocurrency miners.
Solution: The best way to keep your password safe against a brute force attack is to encrypt and hash it. Hashing your password will turn it into a long sequence of alphanumeric characters that are more difficult to crack. Also check to see that any websites you may be subscribed to encrypt their password databases.
- Rainbow Table Attacks
In theory, hashing should be irreversible. However, hackers can still reverse the process using rainbow tables. These are long lists of hashes for all possible password combinations of a particular hashing and encryption algorithm. Hackers use these tables to check against all possible hashes that may match those on your password. Again, as is the case with brute force attacks, hackers use powerful computers and programs to expedite the process as it is quite complicated.
Solution: The best way to prevent a rainbow table attack is to ‘salt’ the encrypted/hashed password. Salting simply involves adding a few random characters to the original password before hashing it. There are rumors that salt rainbow tables are now in existence, but it would take more than that to decrypt a salted password.